• Title/Summary/Keyword: Private key

Search Result 695, Processing Time 0.035 seconds

Design and Implementation of Certification Protocol Considered on Security of Private Key (비밀키 안전성을 고려한 인증 프로토콜 설계 및 구현)

  • 박소희;김춘길;김순자
    • Proceedings of the Korea Institutes of Information Security and Cryptology Conference
    • /
    • 1998.12a
    • /
    • pp.67-82
    • /
    • 1998
  • 컴퓨터 통신망과 인터넷의 발달로 등장한 전자상거래는 안전성과 신뢰성이 보장되어야 한다. 이를 위해, 본 논문에서는 기존의 인증기관과 전자지갑을 기능별 구조로 고찰한뒤 비밀키의 안전도를 개선할 수 있는 전자상거래에서의 인증 프로토콜을 제안하고 구현한다. 제안한 인증 프로토콜은 사용자의 공개키/비밀키 쌍을 전자지갑이 직접 생성하고 인증기관은 사용자의 공개키만을 전자서명하도록 함으로써 전자상거래 시스템에서 사용자 비밀키에 더 높은 안전성과 신뢰성을 제공한다. 또한, 공개키 암호시스템으로는 키 길이와 메모리 면에서 효율적인 타원곡선 암호시스템을 사용한다.

  • PDF

Implementation of SEED Using Java Card API (자바 카드 API를 이용한 SEED 알고리즘 구현)

  • 채철주;이성현;이재광
    • Proceedings of the Korea Contents Association Conference
    • /
    • 2004.05a
    • /
    • pp.283-288
    • /
    • 2004
  • Authentication and digital signature make secured existing contract in remote spot. But, It required method of storing and managing secret, such as private key password. For this method, we make efforts solution of security with smart cart, such as java card. This paper implement SEED algorithm based on Java Card

  • PDF

Securing Internet-based SCADA Wireless Component Communication

  • Robles, Rosslin John;Kim, Tai-hoon
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.4 no.1
    • /
    • pp.3-7
    • /
    • 2012
  • Traditionally SCADA is connected only in a limited private network. With new technology and facilities, there are also demands of connecting SCADA though the internet. The internet SCADA facility has brought a lot of advantages in terms of control, data viewing and generation. Aside from connecting SCADA to the internet, there are also operators who want to connect their system wirelessly. This can save budget for communication lines. Along with the advantages it brings, are security issues regarding wireless internet SCADA. In this paper, we discuss internet SCADA, its connection through wireless communication and the security issues surrounding it. To answer the security issues, a symmetric-key encryption for internet SCADA is proposed.

Algebraic-Coded Cryptosystem Using Primitive Binary BCH Codes (원시 이원 BCH 부호를 사용한 Algebraic-Coded Cryptosystem)

  • Jo Yong-Geon;Nam Gil-Hyeon
    • Journal of the military operations research society of Korea
    • /
    • v.15 no.2
    • /
    • pp.94-104
    • /
    • 1989
  • The concept of Algebraic-Coded Cryptosystem has been proposed recently but its application has not been developed yet. The primary object of this paper is to implement the Private-Key Algebraic-Coded Cryptosystem by using the primitive binary BCH codes. In the analysis of the cryptosystein, we find out the fact that there may exist other key pairs $S_i\;and\;P_i$ satisfying $G^*=S_{i},G_{s},P_{i}$ where $SG_{s}P$ is the original cryptosystem made by use of the systematic code generation matrix $G_{s}$.

  • PDF

(Design and Implementation of RTP Security Control Protocol for Protecting Multimedia Information) (멀티미디어 정보 보호를 위한 RTP 보안 제어 프로토콜 설계 및 구현)

  • 홍종준
    • Journal of the Korea Computer Industry Society
    • /
    • v.3 no.9
    • /
    • pp.1223-1234
    • /
    • 2002
  • RTP payload must be encrypted for providing commercial VOD service or private video conference over the Internet. Encryption/decryption delay is minimized because there are constraints in transporting a multimedia data through the Internet. Therefore, encryption algorithm is changed with considering network traffic md load. During many users participate in the same multimedia service, an user who already left the service can receive and decrypt the RTP payload because of knowing the encryption key. In this paper, Security Control Protocol for RTP is designed and implemented for changing the encryption algorithm and the key.

  • PDF

Applying Asymmetric Key Encryption to Secure Internet based SCADA

  • Robles, Rosslin John;Kim, Tai-hoon
    • International Journal of Internet, Broadcasting and Communication
    • /
    • v.4 no.2
    • /
    • pp.17-21
    • /
    • 2012
  • As an acronym for Supervisory Control and Data Acquisition, SCADA is a concept that is used to refer to the management and procurement of data that can be used in developing process management criteria. The use of the term SCADA varies, depending on location. Conventionally, SCADA is connected only in a limited private network. In current times, there are also demands of connecting SCADA through the internet. The internet SCADA facility has brought a lot of advantages in terms of control, data generation and viewing. With these advantages, come the security issues regarding web SCADA. In this paper, we discuss web SCADA and its connectivity along with the issues regarding security and suggests a web SCADA security solution using asymmetric-key encryption.

A Study on the Realtime Cert-Validation of Certification based on DARC (DARC 기반에서의 실시간 인증서 유효성 검증에 관한 연구)

  • 장홍종;이정현
    • Proceedings of the CALSEC Conference
    • /
    • 2001.08a
    • /
    • pp.155-163
    • /
    • 2001
  • There are cases that revoke the certification because of disclosure of private key, deprivation of qualification and the expiration of a term of validity based on PKI. So, a user have to confirm the public key whether valid or invalid in the certification. There are many method such as CRL, Delta-CRL, OCSP for the cert-validation of certification. But these method many problems which are overload traffic on network and the CRL server because of processing for cert-validation of certification. In this paper we proposed the realtime cert-validation of certification method which solved problems that are data integrity by different time between transmission and receiving for CRL, and overload traffic on network and the CRL server based on DARC.

  • PDF

A Simple Fingerprint Fuzzy Vault for FIDO

  • Cho, Dongil
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.11
    • /
    • pp.5674-5691
    • /
    • 2016
  • Fast IDentity Online(FIDO) supports biometric authentications in an online environment without transmitting biometric templates over the network. For a given FIDO client, the "Fuzzy Vault" securely stores biometric templates, houses additional biometric templates, and unlocks private keys via biometrics. The Fuzzy Vault has been extensively researched and some vulnerabilities have been discovered, such as brute force, correlation, and key inversions attacks. In this paper, we propose a simple fingerprint Fuzzy Vault for FIDO clients. By using the FIDO feature, a simple minutiae alignment, and point-to-point matching, our Fuzzy Vault provides a secure algorithm to combat a variety of attacks, such as brute force, correlation, and key inversions. Using a case study, we verified our Fuzzy Vault by using a publicly available fingerprint database. The results of our experiments show that the Genuine Acceptance Rate and the False Acceptance Rate range from 48.89% to 80% and from 0.02% to 0%, respectively. In addition, our Fuzzy Vault, compared to existing similar technologies, needed fewer attempts.

A Private Key Roaming Protocol for Roaming Services (로밍 서비스를 위한 개인키 로밍 프로토콜)

  • 문성원;김영갑;박대하;문창주;백두권
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2003.10a
    • /
    • pp.724-726
    • /
    • 2003
  • ‘키로밍(Key Roaming)’서비스는 임의의 단말기에서 인증서, 전자서명 둥의 사용자의 비밀정보를 네트워크를 통해서 접근할 수 있는 기능을 지원한다. 현재 은행의 뱅킹 시스템이나 그 밖의 인터넷 서비스에서는 비밀정보를 사용자의 컴퓨터에 저장해서 사용한다. 그러나 사용자가 그 비밀정보를 다른 컴퓨터에서 사용하고자 할 때에는 디스크나 스마트카드와 같은 보조기억장치에 저장해야 하는 불편함이 존재한다. 종래의 이러한 방식은 사용이 불편할 뿐만 아니라 공간과 비용치 부담이 크므로 키로밍 프로토콜에 대한 요구가 더욱 증대하였다. 키로밍 프로토콜은 공간과 비용의 절감이라는 효과가 있지만 해결해야 할 보안상의 문제가 존재하며 이 문제점들을 해결하기 위한 많은 방법들이 제시되어 왔다. 본 논문에서는 베리사인의 프로토콜과 한국정보 보호센타에서 제시한 다중서버를 이용하는 프로토콜에 대해서 살펴본 후 그 문제점을 지적하고 이를 해결 할 수 있는 새로운 프로토콜을 제안한다.

  • PDF

Improved Identity-Based Broadcast Encryption (개선된 Identity 기반의 브로드캐스트 암호화 기법)

  • Kim, Ki-Tak;Park, Jong-Hwan;Lee, Dong-Hoon
    • 한국정보통신설비학회:학술대회논문집
    • /
    • 2008.08a
    • /
    • pp.347-349
    • /
    • 2008
  • The primitive of Identity-Based Broadcast Encryption allows a sender to distribute session keys or messages for a dynamically changing set of receivers using the receiver's identity as a public key. We already know that the trade-off exists the efficiency between the public parameter size and the ciphertext size. So, if the ciphertext size is O(1), then the public parameter size may be O(n). Some of IBBE scheme take the public parameters as input in decryption phase. Thus, a decryption device (or client) has to store the public parameters or receive it. This means that a decryption device (or client) has to have the proper size storage. Recently, delerabl$\square$e proposed an IBBE which have the O(1) size ciphertexts and the O(n) size public parameters. In this paper, we present an IBBE scheme. In our construction the ciphertext size and the public parameter size are sub-linear in the total number of receivers, and the private key size is constant.

  • PDF